[cisco-bba] stranded sessions

Bryan Campbell bbc at misn.com
Sun Feb 10 23:04:47 EST 2008 

The following PPPOE configuration works fine, except for one detail.

If a customer unplugs their router, it strands a session and IP address. 
  If I add the mac address session limit, it will limit the number of 
sessions and then not allow any additional connections.  But, the 
sessions are still stuck.  If they do not time out (which required a 
timeout be set), or the sessions are not cleared, the customer will not 
be able to log back on.

The work around was to not limit connections per mac.  But, that won't 
do for long.  The IP pools will be exhausted fairly quickly.

I cannot imagine that Cisco doesn't have a knob that can be set which 
will clear stranded PPPoE sessions, or at least disconnect the previous 
session to the same MAC.  But, I am unaware of how this is accomplished 
with BBA on a Cisco.

Any ideas?

bbc at misn.com


aaa new-model
!
aaa authentication ppp default local group radius
aaa authorization network default local group radius none
aaa accounting delay-start
aaa accounting network default start-stop group radius
!
aaa session-id common
. . .
bba-group pppoe global
  virtual-template 1
  ac name DSL
  sessions per-mac throttle 100 30 3600
  sessions auto cleanup
!
bba-group pppoe DSL
  virtual-template 1
  sessions per-mac throttle 100 30 3600
  sessions auto cleanup
. . .
interface GigabitEthernet0/2
  no ip address
  duplex auto
  speed auto
  media-type rj45
  negotiation auto
!
interface GigabitEthernet0/2.2
  encapsulation dot1Q 2
  pppoe enable group DSL
. . .
interface Virtual-Template1
  ip unnumbered Loopback1
  no logging event link-status
  peer default ip address pool pool1-1 default
  no keepalive
  ppp authentication pap
  ppp ipcp dns Y.Y.Y.Y Z.Z.Z.Z
  ppp ipcp address required
  ppp ipcp address unique
!
ip local pool default X.X.X.49 X.X.X.62
ip local pool default X.X.Y.1 X.X.Y.250
ip local pool default X.X.Z.1 X.X.Z.250
!
ip radius source-interface Loopback1
!
radius-server attribute 8 include-in-access-req
radius-server attribute nas-port format d
radius-server host X.X.X.X auth-port 1645 acct-port 1646
radius-server key 7 XXXXXXXXXXXX
radius-server vsa send accounting
radius-server vsa send authentication

More information about the cisco-bba mailing list